package cn.itcast.web.controller;


import cn.itcast.common.utils.Encrypt;
import cn.itcast.domain.system.Module;
import cn.itcast.domain.system.User;
import cn.itcast.service.system.ModuleService;
import cn.itcast.service.system.UserService;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import java.security.Security;
import java.util.List;

@Controller
public class LoginController extends BaseController{
    @Autowired
    private UserService userService;
    @Autowired
    private ModuleService moduleService;

    //用户登录
/*	@RequestMapping("/login")
	public String login(String email,String password) {
	    //判断用户对象是否为空，并且密码是否一致
        if (StringUtils.isEmpty(email) || StringUtils.isEmpty(password)){
            return "forward:login.jsp";
        }
	    //1.获取邮箱和密码
        // 2.调用service，根据邮箱查询用户
        User loginUser = userService.findByEmail(email);
        //对用户输入的密码进行MD5加密
        password = Encrypt.md5(password,email);

        if (loginUser == null || !password.equals(loginUser.getPassword())) {
            // 4.如果用户不存在或者密码不一致 重新登录
            request.setAttribute("errorMsg","对不起用户名或密码错误");
            return "forward:login.jsp";
        }else {
            // 5.如果一致：跳转页面（用户数据保存到session）
            session.setAttribute("loginUser",loginUser);
            //获取动态菜单
            List<Module> modules  = moduleService.findByUserId(loginUser.getId());
            session.setAttribute("modules",modules);
            return "home/main";
        }
	}*/

    @RequestMapping("/login")
    public String login(String email,String password) {
        //1.判断输入的邮箱和密码是否为空
        if (StringUtils.isEmpty(email) || StringUtils.isEmpty(password)){
            return "forward:/login.jsp";
        }
        try {
            //2.获取subject
            Subject subject = SecurityUtils.getSubject();
            //3.构造shiro中认证的参数（用户登录邮箱和密码封装的对象）
            UsernamePasswordToken upToken = new UsernamePasswordToken(email,password);
            //4.使用subject的login方法进入shiro进行认证
            subject.login(upToken);
            //5.如果正常执行，登录成功
            User user = (User)subject.getPrincipal();
            session.setAttribute("loginUser",user);
            List<Module> modules = moduleService.findByUserId(user.getId());
            session.setAttribute("modules",modules);
            //跳转首页
            return "home/main";
        } catch (Exception e) {
            e.printStackTrace();
            //6.如果配置异常，登录失败
            request.setAttribute("error","用户名或密码错误");
            return "forward:/login.jsp";
        }

    }

    //退出
    @RequestMapping(value = "/logout",name="用户登出")
    public String logout(){
        //SecurityUtils.getSubject().logout();   //登出
        SecurityUtils.getSubject().logout();
        return "forward:login.jsp";
    }

    @RequestMapping("/home")
    public String home(){
	    return "home/home";
    }
}
